測試與安全

Use when configuring Fnox providers for encryption and secret storage. Covers age encryption, cloud providers (AWS, Azure, GCP), and password managers.

Use when essential PHP security patterns including input validation, SQL injection prevention, XSS protection, CSRF tokens, password hashing, secure session management, and defense-in-depth strategies for building secure PHP applications.

Use when testing Effect code including Effect.gen in tests, test layers, mocking services, and testing error scenarios. Use for writing tests for Effect applications.

Use when restructuring code to improve quality without changing external behavior. Emphasizes safety through tests and incremental changes.

Writing effective step definitions and organizing test code

Use when implementing GraphQL resolvers with resolver functions, context management, DataLoader batching, error handling, authentication, and testing strategies.

Use when advanced Pytest features including markers, custom assertions, hooks, and coverage configuration.

Master FastAPI dependency injection for building modular, testable APIs. Use when creating reusable dependencies and services.

Use when jest configuration, setup files, module resolution, and project organization for optimal testing environments.

Validates audio plugins through automated tests, pluginval, or manual DAW testing. Use for MANUAL testing via /test command. Note - Automatic validation now built into workflow (validation-agent runs after each stage). This skill is for manual testing only, after bug fixes, or when user mentions test, validate, validation, pluginval, stability, automated tests, run tests, check plugin, or quality assurance.

Use when cypress fundamentals including commands, assertions, fixtures, and E2E testing patterns.

Use when advanced Jest features including custom matchers, parameterized tests with test.each, coverage configuration, and performance optimization.

Use when jUnit parameterized tests with various value sources and test factories.

Use when facilitating BDD collaboration between developers, testers, and business stakeholders. Use when running discovery workshops and example mapping sessions.

Use when writing tests with Bun's built-in test runner. Covers test organization, assertions, mocking, and snapshot testing using Bun's fast test infrastructure.

Use when configuring GitLab CI/CD variables, managing secrets, or integrating with external secret providers. Covers secure credential handling.

Use when setting up Playwright test projects and organizing test suites with proper configuration and project structure.

Use when jest testing patterns including unit tests, mocks, spies, snapshots, and assertion techniques for comprehensive test coverage.

Use when testing GitHub Actions workflows locally with act. Covers act CLI usage, Docker configuration, debugging workflows, and troubleshooting common issues when running workflows on your local machine.

Use when working with Crystal language development including WebSocket communication, TLS/SSL configuration, HTTP frameworks, ORM operations, and high-performance concurrent systems.